Posted
by
Soulskill
on Tuesday July 05, 2011 @01:55PM
from the otherwise-the-terrists-win dept.

itwbennett writes "Last week, Microsoft warned that under the Patriot Act the company may be compelled to hand over European customers' data on its new cloud service to U.S. authorities — and also to keep the data transfer secret. This, of course, runs counter to the European Data Protection Directive, which states that organizations must inform users when they disclose personal information. 'Microsoft can already transfer E.U. data to the U.S. under the Safe Harbor agreement. But legal experts have warned that this agreement is hardly worth the paper it's written on,' writes IDG News Service's Jennifer Baker. 'There are seven principles of Safe Harbor, including reasonable data security, and clearly defined and effective enforcement. However all this is nullified if the Patriot Act is invoked.'"

There are specific exceptions for 'National Security' in both the European directive and each country's implementation (eg the Data Protection Act in the UK).

So all the US needs to do is find a shill (the UK government would be my guess at their first choice) who will declare that they need to export 'this' data as a matter of 'National Security' (honest!) and Microsoft and in the clear and the US get what they want.

What it means is that European companies face a fine under the data protection act if they use a cloud service in the USA. I would have thought that it would give the USA more incentive to change the rules than the EU.